xstream · threatengine.sh

Home/Product/xstream

Product

xstream

37 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the appli

Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the pars

Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user su

XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote att

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote

XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may al

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability m

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability w

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability whi

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitr

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Requ

XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrar

It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the sec

Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attack

XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive

Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) Sjs

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin